<?php
// register page (register new user)
//
// digiboard by digitalboom.org
// http://www.digitalboom.org
//
// Information Technology program
// Sirindhorn International Institute of Technology
// Thammasat University, Rangsit Campus
// http://www.siit.tu.ac.th
//
// first created on: 2002 Mar 10
// last modified on: 2002 May 24

include("settings/config.inc.php");
include("lib/sh.inc.php");
include("lib/util.inc.php");
include("lib/users_function.inc.php");

extract($_POST);
extract($_GET);

if ($DGB["ENABLE_LOGIN"] == true) {
 $error_message="";

 // Check validity of given data
 if(!isset($Username)) {
  $error_message.="##  Please fill in Username\\n";
 }
 $x1 = strpos($Username,"@");
 $x2 = strpos($Username,"'");
 if($x1||$x2) {
  $error_message.="## Cannot use @ or \' in username\\n";
 }
 if (strpos($Email,"@")&&(strpos($Email,"@")<strrpos($Email,"."))) {
  // do nothing
 } else {
  $error_message.="## Invalid E-mail address\\n";
 }
 if (!$Password) {
  $error_message.="##  Please fill in your password\\n";
 }
 if (!$ConfirmPassword) {
  $error_message.="##  Please confirm your password\\n";
 }
 if (!$Email) {
  $error_message.="##  Please fill in your Email\\n";
 }
 if ($Password!=$ConfirmPassword) {
  $error_message.="##  Confirm password not matches\\n";
 }

 $db_link = dgb_db_connect();

 //Check Duplicate UserName First
 $query = "SELECT Username FROM ".$DGB['DB_USERS_TABLE']." WHERE Username='$Username'";
 $result = mysql_query($query, $db_link);
 $num = mysql_num_rows($result);

 //Duplicate UserName
 if ($num > 0) {
  $error_message .= "Duplicate Username, please change.";
 }
 
 if ($error_message) {
  $javatext = "<script language='JavaScript'>alert('Please complete your detail :\\n$error_message'); history.back();</Script>";
  echo $javatext;
  exit;
 }

 addslashes($Username);
 //addslashes($Password);

 //Insert User Information to Database

 $NowTimeStamp  = time();
 $NowTimeStamp_Offsetted  = $NowTimeStamp-($DGB["TIME_OFFSET"]*3600);

 $RegisterDateTime = date("Y-m-d H:i:s", $NowTimeStamp_Offsetted);

 $query = "INSERT INTO ".$DGB['DB_USERS_TABLE']." (UserID,Username,Password,Email,ICQ,MSN,Website,Name,Lastname,Nickname,SIITID,Department,RegisterDate,LastOnlineTime,Birthdate,Address,Telephone,TotalTopicPost,TotalAnswerPost) VALUES  ('','$Username','".md5($Password)."','$Email','$ICQ','$MSN','$Website','$Name','$Lastname','$Nickname','$SIITID','$Department','$RegisterDateTime','$RegisterDateTime','$BirthDate','$Address','$Telephone','0','0')";

 $result = mysql_query($query, $db_link);
 stripslashes($Username);

 //Send Email Confirmation
 if($DGB["EmailConfirmation"] == "1") {
  SendEmail_NewUser($Name,$Lastname,$Email,$LoginName,$Password,$DGB["WEBBOARD_NAME"],$DGB["ADMIN_EMAIL"],$DGB["HTTP_PATH"],$DGB["SendMailSystem"]);
 }

 addslashes($Username);
 pw2shad($Password);

 //Set Cookie
 setcookie("Username","$Username");
 setcookie("Password","$Password");

 //Redirect to Webboard
 Header("Location: list.php");
} else {
 echo "<h2 align=\"center\">Login system is not enabled.</h2>";
}
//end  Login System enabled ?
?>
